Keywords: Machine Learning, Topological Data Analysis, Persistent Homology, Passive Traffic Fingerprinting, Persistence Images, IoT
TL;DR: An approach for passive fingerprinting of encrypted Internet of Things network traffic using persistent homology over inter-packet timing.
Abstract: Internet of things (IoT) devices are becoming increasingly prevalent. These devices can improve quality of life, but often present significant security risks to end users. In this work we present a novel persistent homology based method for the fingerprinting of IoT traffic. Traditional passive device fingerprinting methods directly inspect the packet attributes or contents within the captured traffic. Buttechniques to fingerprint devices based on inter-packet arrival time (IAT) are an important area of research, as this feature is available even in encrypted traffic.We demonstrate that Topological Data Analysis (TDA) using persistent homology over IAT packet windows is a viable approach to obtain discriminative features for device fingerprinting. The clique complex construction and weighting function we present are efficient to compute and robust to shifts of the packet window. The1-dimensional homology is calculated over the resulting filtered clique complex.We obtain competitive accuracy of 95.34% on the UNSW IoT dataset by using a convolutional neural network to classify over the corresponding persistence images.
Previous Submission: No